diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2022-01-06 06:27:52 +0100 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2022-01-06 06:27:52 +0100 |
commit | 4fccb24643e5f149c5fd2669c98efaba1565bb0f (patch) | |
tree | 2ca0b103a7f35312301a9389516bf7859d632feb /retired | |
parent | 273c268d71a0cb5bd66f7d0379fb3c6bbc4eca06 (diff) |
Retire some CVEs
Diffstat (limited to 'retired')
-rw-r--r-- | retired/CVE-2021-39633 | 15 | ||||
-rw-r--r-- | retired/CVE-2021-39634 | 13 | ||||
-rw-r--r-- | retired/CVE-2021-45485 | 13 | ||||
-rw-r--r-- | retired/CVE-2021-45486 | 13 |
4 files changed, 54 insertions, 0 deletions
diff --git a/retired/CVE-2021-39633 b/retired/CVE-2021-39633 new file mode 100644 index 000000000..34e382405 --- /dev/null +++ b/retired/CVE-2021-39633 @@ -0,0 +1,15 @@ +Description: ip_gre: add validation for csum_start +References: + https://source.android.com/security/bulletin/2022-01-01 +Notes: + carnil> Commit fixes c54419321455 ("GRE: Refactor GRE tunneling code.") + carnil> in 3.10-rc1. +Bugs: +upstream: released (5.14) [1d011c4803c72f3907eccfc1ec63caefb852fcbf] +5.10-upstream-stable: released (5.10.62) [fb45459d9ddb1edd4a8b087bafe875707753cb10] +4.19-upstream-stable: released (4.19.206) [c33471daf2763c5aee2b7926202c74b75c365119] +4.9-upstream-stable: released (4.9.282) [41d5dfa408130433cc5f037ad89bed854bf936f7] +sid: released (5.14.6-1) +5.10-bullseye-security: released (5.10.70-1) +4.19-buster-security: released (4.19.208-1) +4.9-stretch-security: released (4.9.290-1) diff --git a/retired/CVE-2021-39634 b/retired/CVE-2021-39634 new file mode 100644 index 000000000..f5913a7cb --- /dev/null +++ b/retired/CVE-2021-39634 @@ -0,0 +1,13 @@ +Description: epoll: do not insert into poll queues until all sanity checks are done +References: + https://source.android.com/security/bulletin/2022-01-01 +Notes: +Bugs: +upstream: released (5.9-rc8) [f8d4f44df056c5b504b0d49683fb7279218fd207] +5.10-upstream-stable: N/A "Fixed before branching point" +4.19-upstream-stable: released (4.19.150) [3e3bbc4d23eeb90bf282e98c7dfeca7702df3169] +4.9-upstream-stable: released (4.9.239) [ea984dfe0e7978cd294eb6a640ac27fa1834ac8d] +sid: released (5.8.14-1) +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: released (4.19.152-1) +4.9-stretch-security: released (4.9.240-1) diff --git a/retired/CVE-2021-45485 b/retired/CVE-2021-45485 new file mode 100644 index 000000000..9929d26d5 --- /dev/null +++ b/retired/CVE-2021-45485 @@ -0,0 +1,13 @@ +Description: ipv6: use prandom_u32() for ID generation +References: + https://arxiv.org/pdf/2112.09604.pdf +Notes: +Bugs: +upstream: released (5.14-rc1) [62f20e068ccc50d6ab66fdb72ba90da2b9418c99] +5.10-upstream-stable: released (5.10.51) [8f939b79579715b195dc3ad36669707fce6853ee] +4.19-upstream-stable: released (4.19.198) [f0be58ec9931907e980cf21737e51d369808eb95] +4.9-upstream-stable: released (4.9.276) [3fc852e59c0a48094cc0f1b2e866604986bbcd31] +sid: released (5.14.6-1) +5.10-bullseye-security: released (5.10.70-1) +4.19-buster-security: released (4.19.208-1) +4.9-stretch-security: released (4.9.290-1) diff --git a/retired/CVE-2021-45486 b/retired/CVE-2021-45486 new file mode 100644 index 000000000..c18deb1fb --- /dev/null +++ b/retired/CVE-2021-45486 @@ -0,0 +1,13 @@ +Description: inet: use bigger hash table for IP ID generation +References: + https://arxiv.org/pdf/2112.09604.pdf +Notes: +Bugs: +upstream: released (5.13-rc1) [aa6dd211e4b1dde9d5dc25d699d35f789ae7eeba] +5.10-upstream-stable: released (5.10.37) [a273c27d7255fc527023edeb528386d1b64bedf5] +4.19-upstream-stable: released (4.19.196) [7f7e23df8509e072593200400a4b094cc44376d2] +4.9-upstream-stable: released (4.9.274) [0889f0a3bb2de535f48424491d8f9d5954a3cde8] +sid: released (5.10.38-1) +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: released (4.19.208-1) +4.9-stretch-security: released (4.9.290-1) |